CVE-2016-10229 — Improperly Implemented Security Check for Standard in Kernel

CWE-358 — Improperly Implemented Security Check for Standard CWE-662 — Improper Synchronization11 documents10 sources

Severity

9.8CRITICALNVD

EPSS

0.9%

top 23.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Google Android Paloalto Pan-os

Timeline

PublishedApr 4

Latest updateMay 17

Description

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶NVDlinux/linux_kernel3.2 — 3.2.76+8

▶Debianlinux/linux_kernel< 4.5.1-1+3

▶NVDgoogle/android7.1.1

▶Palo Altopaloalto/pan-os

Patches

Patch: git.kernel.org ↗Patch: source.android.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-gm6m-fgmp-cp9x: udp↗2022-05-17

▶

OSV

CVE-2016-10229: udp↗2017-04-04

▶

CVEList

CVE-2016-10229: udp↗2017-04-04

▶

📋Vendor Advisories

Palo Alto

Kernel Vulnerability↗2017-06-19

▶

Android

CVE-2016-10229: Android Security Bulletin 2017-04-01 CVE: CVE-2016-10229 Severity: CRITICAL References: A-32813456 Upstream kernel↗2017-04-01

▶

Debian

CVE-2016-10229: linux - udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrar...↗2016

▶

Red Hat

kernel: net: Unsafe second checksum calculation in udp.c↗2015-12-30

▶

📄Research Papers

arXiv

Trusted Container Extensions for Container-based Confidential Computing↗2022-05-11

▶

💬Community

Bugzilla

CVE-2016-10229 kernel: net: Unsafe second checksum calculation in udp.c [fedora-all]↗2017-04-10

▶

Bugzilla

CVE-2016-10229 kernel: net: Unsafe second checksum calculation in udp.c↗2017-04-06

▶